Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/U_ZuZRgSAfpNG8z0Ltw3iXlr9Ug.roa
File: U_ZuZRgSAfpNG8z0Ltw3iXlr9Ug.roa (raw, json)
Hash identifier: AXg20FGEwfI7xZCte4vrilrm9K5uV5w/VFgxq/AyDF4=
Subject key identifier: 53:F6:6E:65:18:12:01:FA:4D:1B:CC:F4:2E:DC:37:89:79:6B:F5:48
Certificate issuer: /CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Certificate serial: 018CC4254F6946E52E98C51AE667A7CCE114
Authority key identifier: 92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/U_ZuZRgSAfpNG8z0Ltw3iXlr9Ug.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56364
IP address blocks: 46.173.208.0/22 maxlen: 22
46.173.208.0/24 maxlen: 24
46.173.221.0/24 maxlen: 24
46.173.222.0/24 maxlen: 24
46.173.220.0/22 maxlen: 22
46.173.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:69:46:e5:2e:98:c5:1a:e6:67:a7:cc:e1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53f66e65181201fa4d1bccf42edc3789796bf548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ed:93:2f:3e:f2:3f:21:c7:30:a6:af:f1:fe:
c5:32:94:eb:4b:53:e2:0b:b8:f8:81:86:6d:e9:40:
06:28:1f:84:09:f5:ab:96:4c:8e:68:3a:45:fd:bf:
24:bf:91:9a:f2:69:8f:6c:c3:5f:fb:ee:35:55:1e:
e0:a2:dc:89:58:dc:66:c9:ff:c3:2f:58:c5:77:6c:
e3:b1:36:28:d8:3c:4c:12:1d:94:c9:4a:7b:ef:7d:
44:3d:4a:6e:01:2d:91:95:cb:41:cd:84:7e:37:d4:
93:a2:10:d0:74:91:24:5f:66:38:8d:a5:37:1c:8f:
4b:fe:76:f7:1c:58:05:1e:50:ff:70:56:b8:21:85:
05:2b:95:4d:c5:58:7e:45:bf:56:bb:b7:a3:42:d9:
1e:eb:60:6a:d5:0e:ae:fb:c1:c3:58:0b:83:e6:b8:
ab:ad:76:49:41:36:66:63:01:98:93:9d:6e:da:b9:
a5:cd:1b:fe:3f:a4:65:e0:92:7d:93:e8:23:bb:38:
94:83:0d:98:0c:69:e7:5e:d2:be:01:86:8a:13:8e:
f1:41:51:20:16:8f:57:02:04:90:54:7d:f5:4b:df:
3d:38:bb:60:02:e1:c9:de:ef:83:84:53:e8:48:82:
7e:7a:34:5b:a8:0d:3c:34:c1:2a:d1:76:34:99:1e:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F6:6E:65:18:12:01:FA:4D:1B:CC:F4:2E:DC:37:89:79:6B:F5:48
X509v3 Authority Key Identifier:
keyid:92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/U_ZuZRgSAfpNG8z0Ltw3iXlr9Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.208.0/22
46.173.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:1f:c4:47:70:69:66:45:0e:0c:2a:24:80:c7:9e:f4:f6:98:
3e:ba:db:39:e0:7d:ce:cf:69:dd:18:e7:8f:f0:8e:e1:ea:af:
1a:61:a2:90:1d:ef:e9:f3:b7:a9:48:eb:4f:f7:e8:9a:f1:9e:
58:f5:f5:44:7f:e9:04:2f:ad:b6:eb:cf:fc:66:f2:13:ec:4c:
4d:02:c2:2f:b3:98:fc:a5:d1:d1:32:f4:f7:18:24:09:11:d1:
59:54:55:fd:fa:a4:55:84:4b:99:b7:23:65:8b:12:cc:af:8c:
33:5f:68:f7:3d:67:75:4c:52:ef:4b:9e:53:b2:3e:95:54:b5:
06:b8:ac:9c:2b:db:f8:8a:46:c6:cf:14:9b:51:a3:b4:9e:51:
d3:b1:51:e1:0d:8e:e3:4b:9f:34:13:5f:b1:5d:ff:f2:f8:32:
03:e2:fe:05:de:a1:be:d2:dc:e7:c9:76:90:1d:84:cb:00:97:
24:8d:28:11:3c:de:e2:f2:e5:3e:c9:91:eb:89:4f:79:66:2a:
fc:e6:7b:60:40:55:4b:5c:4d:2f:78:7f:dd:58:ff:49:fd:fa:
f5:aa:c1:0b:57:6e:0d:3d:3b:20:c3:f9:97:8b:9e:69:b1:54:
bb:d0:be:17:01:0d:31:7c:e4:fa:dd:b1:a5:c5:f6:86:c7:c5:
19:b3:ee:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJU9pRuUumMUa5menzOEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTUyMThiNjllNTUxMTQzYzUxZmExZDkxOTUxMmUxYTQ0
YzVjOWQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Y2NmU2NTE4MTIwMWZhNGQxYmNjZjQyZWRjMzc4OTc5NmJmNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe2TLz7yPyHHMKav8f7FMpTrS1Pi
C7j4gYZt6UAGKB+ECfWrlkyOaDpF/b8kv5Ga8mmPbMNf++41VR7gotyJWNxmyf/D
L1jFd2zjsTYo2DxMEh2UyUp7731EPUpuAS2RlctBzYR+N9STohDQdJEkX2Y4jaU3
HI9L/nb3HFgFHlD/cFa4IYUFK5VNxVh+Rb9Wu7ejQtke62Bq1Q6u+8HDWAuD5rir
rXZJQTZmYwGYk51u2rmlzRv+P6Rl4JJ9k+gjuziUgw2YDGnnXtK+AYaKE47xQVEg
Fo9XAgSQVH31S989OLtgAuHJ3u+DhFPoSIJ+ejRbqA08NMEq0XY0mR4EeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFP2bmUYEgH6TRvM9C7cN4l5a/VIMB8GA1UdIwQY
MBaAFJJVIYtp5VEUPFH6HZGVEuGkTFydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYt
YWZmYmEyZGYzZDYyLzEvVV9adVpSZ1NBZnBORzh6MEx0dzNpWGxyOVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYtYWZmYmEyZGYzZDYy
LzEva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLq3QAwQC
Lq3cMA0GCSqGSIb3DQEBCwUAA4IBAQA+H8RHcGlmRQ4MKiSAx5709pg+uts54H3O
z2ndGOeP8I7h6q8aYaKQHe/p87epSOtP9+ia8Z5Y9fVEf+kEL62268/8ZvIT7ExN
AsIvs5j8pdHRMvT3GCQJEdFZVFX9+qRVhEuZtyNlixLMr4wzX2j3PWd1TFLvS55T
sj6VVLUGuKycK9v4ikbGzxSbUaO0nlHTsVHhDY7jS580E1+xXf/y+DID4v4F3qG+
0tznyXaQHYTLAJckjSgRPN7i8uU+yZHriU95Zir85ntgQFVLXE0veH/dWP9J/fr1
qsELV24NPTsgw/mXi55psVS70L4XAQ0xfOT63bGlxfaGx8UZs+5l
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:16 2024 by rpki-client on console-ams.rpki-client.org